Grizzly Steppe

It should come as no surprise to anyone even slightly knowledgeable about information security that the human factor is the biggest risk to unwanted exposure of information. The most dangerous way that a human can put himself or his organization at risk is to read an email. It is way too easy to embed malicious content in an email that can get past the rudimentary security filters that are in place in many organizations and especially on personal devices.

Malicious content in an email can masquerade as a harmless web link. It may seem to be from your bank or from an email provider. It can direct you to a forged page and ask you to update some personal information or to enter a password. Are you sure that email is legitimate?

Malicious content can be easily embedded in a graphic or a PDF. Take a look at your spam folder. See any files with attachments? Subject lines like “Invoice” or “Purchase Order” from people you were not expecting or don’t even know signal trouble. Do not open those files! You may have been spearphished, targeted because of who you are or where you work.

So with all the talk about “Russian hacking”, this Department of Homeland Security Release detailing what they believe to be an organized campaign against employees of critical infrastructure, academia, and business puts the talk in perspective.

It is probable that no vote tally was changed as a result of any “Russian hacking”, but to discount the real threat to American society of organized hacking campaigns by foreign governments is foolhardy.

I Love Ransomware

I had a few minutes to timesink yesterday and was reading stories on Google News. One link leads to another, and before I knew it, I was sucked into a story on 40 little known facts about TV’s most popular situation comedy ever, “I Love Lucy”. What could be more wholesome web viewing?

I rather quickly noticed that the text accompanying the pictures was very poorly written. Words were misspelled and misused with alarming frequency. I was convinced that the writing had been outsourced to an offshore bot that had stolen the content elsewhere on the interwebs.

And then, this happened.

[Image: fake virus alert]

My computer was crazily beeping and there was a fake virus alert displayed on the screen. Of course I took the time to close the browser (despite the false warning that I would not be able to) and make sure that my workstation was not actually infected. Such fun!

A brief Google survey revealed that the call center number displayed, (877) 337-7936, is often connected with malware scam artists. Most of the displayed pages seem to be further attempts to get you to install real malware on your system. Don’t fall for them.

Then I made the call. I was the end user from hell that these cyberpirates deserve. Imagine if Ransomware Inc. got hundreds of calls like this every day? They’d have no time to hold up their other poor victims and their profit margins would take a dive. The obvious annoyance of the Ransomware Agent at about 7 minutes into the call, when he lets out an exasperated “Yeeeeessss”, is priceless.

Remember, October is National Cyber Security Awareness Month. Stay safe online.

Windows 10 Anniversary Update DHCPv6 (Still) Broken

According to threads on Microsoft’s Developer Network, DHCPv6 has been broken since the first deployments of the Anniversary Update last August. I first noticed an issue on October 4 where several Windows clients would no longer register their IPv6 DNS address post update.

While this has been broken for a couple of months, I was advised today by Adam Rudell, a Microsoft Support Escalation Engineer, that the “PG is actively investigating. I just updated the TechNet thread and will follow up as soon as PG has provided me some more information.”

The full thread can be read here.

Bad Mobile Device Manners In-Flight

Yesterday, a cacophony of irritating noises permeated my brain on board an otherwise pleasant United flight from Orlando to Newark.

Some airlines think they have improved service by providing free entertainment streaming on personal mobile devices. And of course, in-flight wifi is becoming ever more commonplace. Actually, what the airlines have done is saved a bundle of money on maintaining those personal seat back screens. They’ve also created a major new source of in-flight irritation.

The problem is not the airlines per se, but the inconsiderate and ill-mannered behavior of un-civil society members on board.

Let me make things clear. If your child is playing a game on their mobile device, turn off the sound. I don’t want to hear the bloops and beeps.

If you are watching a video, turn off the sound or use headphones. I am not interested in your video, no matter what it is.

If you are texting in-flight, I don’t want to hear a chime, buzz, or bell each time you receive a message. Turn them off.

If you are listening to music, use headphones and keep the volume at a level so that I don’t have to listen to your music. I don’t want to hear it no matter how good you think it is.

Cabin crews — please add a blurb to your in-flight announcements regarding courteous use of personal entertainment devices. Require use of headphones with any sound generating device. If you hear or see someone violating this request (which ought to be a rule) instruct the violator about expected behavior. Don’t ignore it to the point where I need to call you over to deal with it.

Lessons From A Ship’s Captain

What does a ship’s captain know about information security? A lot, apparently, if that Captain is Richard Phillips of Maersk Alabama fame. If you recall, this ship was the target of a failed hijacking attempt by four Somali pirates in April 2009. The ultimate failure of the hijackers, despite their early success in penetrating the perimeter of the ship, was in large part due to the leadership and strategic skills of Captain Phillips.

Captain Richard Phillips, left.

I recently had the opportunity to hear Captain Phillips speak at an event where the target audience was information security professionals. The lessons of the Captain’s experience were very relatable to that audience.

When Captain Phillips joined the crew of the Maersk, he took a couple of days to settle in and observe. He was concerned that security seemed a bit loose on board and decided to drill the crew. He did this repeatedly, each time learning from the failures of the previous drills. He and the crew, working together, improved things to a point where each member understood his role and responsibilities in case of an attack.

Sound familiar? Through iterative testing and analysis he helped his crew understand the policies and the actions that would increase their chances of repelling or surviving an attack by intruders. He made sure that any attack had to go through multiple layers of defenses. When the attack came, not everything worked as planned and practiced, but enough worked to ultimately assure the lives and safety of the crew.

Captain Phillips’ experience reminds us of our need to have policies that make sense and procedures that can be followed, especially under the worst of circumstances. He reminds us to educate our teams and organizations on their roles in executing those procedures. We need to test, test and test again. Learn from failures and successes and you and your crew will survive to tell the tale.

Hopefully you won’t need the help of US Navy SEAL marksmen to repel your next attack.

Windows 10 Update – Unhappy Anniversary

The Windows 10 anniversary update came recently to my radio room computer. The folks in Redmond have some quality assurance problems to resolve. Here’s what I’ve noticed so far.

All my firewall rules were deleted. This means that as I run applications which require external access, I have to reauthorize them. While it is not a bad practice to occasionally review these settings, I would have preferred to do so at a time of my own choosing.

The WINUSB driver used by my Perseus SDR was deleted. I had to reinstall the driver, and to do so I had to go through multiple reboots to allow installation of the unsigned 64-bit driver. Not fun.

My sound device settings were changed. The friendly name for the SignaLink USB sound card device that is connected to my Kenwood TS-2000 reverted to “USB Audio CODEC” and Windows decided to make that device my default sound and communications devices.

This update was hardly the best anniversary present that Microsoft could have given me.

September RF Bits in CQ – Erratum

As luck would have it, a key URL for the software mentioned in my September CQ Magazine RF Bits column no longer works. That is because the author, Mike Guenther, DL2MF, decided to withdraw support for the DV4MF2 console for the DV4mini. Whatever his reasons, we have luckily archived a copy for your convenience. So if you arrive at a German language page with a “no more available” caption in English at the top, fret not and get your copy of DV4MF2.exe right here.

While the author has withdrawn support, the software nonetheless functions as it did when my article was prepared for your enjoyment. Other software for the DV4mini is also available and supported by Wireless Holdings, although lacking the nice Brandmaster XTG support that DV4MF2 offered.

It would be great if more radio amateurs released their software under some open source license so that work by and for the community could be continued as needed. We have far too much orphaned software in regular use in the amateur community. A perfect example of this is UI-View32. The author’s last wishes upon his death included the destruction of the source code. Yet, the program is still used by many amateur stations around the world. Imagine how much more useful the orphaned software could be if the source code were available for further development?

Android Security Just Got a Whole Lot Better

While Marshmallows are soft and gooey, Android 6.0.1 (Marshmallow) is one tough cookie. Marshmallow provides granular security controls that allow you to decide whether an application gets access to particular information. Tired of LinkedIn or Facebook trying to grab all your contacts?

Android Marshmallow allows for more granular control of application permissions.

Now you can control this behavior.

To take a look at these settings, go to Settings->Apps->Application manager. Pick an app and you’ll see a bunch of sliders that let you turn access on or off for that control. Newer app versions directly support the Marshmallow security model. Older apps don’t and may malfunction, but don’t let that stop you from trying out settings that meet your security requirements.

Blackberry has had this level of application security control for many years. It is good to see that Android is now taking application and data security very seriously.

Perspective of a former Gilfer Associates Employee

Anyone who listened regularly to the shortwaves back in the 1970s knew about Gilfer Associates of Park Ridge, New Jersey. They were a source of books, gadgets, and radios supporting the SWL habit. The company was run by Oliver P. (Perry) Ferrell and his wife, Jeanne. Perry was at one time the Editor of Popular Electronics Magazine.

I came across this recent blog post by Susan Ito, a former employee. It paints a nice picture of what it was like to work for the Ferrells as an after-school employee.

How I Came to Love Shipping (and the Hot UPS Guy)

The “Rigged” Presidential Debate System

The Republican and Democratic parties are part of a cartel that wants to prevent American citizens from being exposed to any candidate other than their own. They do this through a nonprofit corporation called the Commission on Presidential Debates (CPD). This “governance body” was created in the late 1980s after the League of Women Voters, formerly the sponsor of presidential debates, would not agree to limit participation to the two dominant political parties.

Are debates under these rules serving the interests of the American people or serving the interests of the CPD cartel? Any time the ruling class attempts to limit discourse to those subjects and participants that they have defined as representing their interests, it is YOUR interests that are likely being harmed.

Libertarian candidate Gary Johnson will be on the ballot in all 50 states of the union come November. He is polling at roughly 10% in nationwide opinion surveys. Clearly, the unpopular candidates of the two major parties have much to lose if Johnson is permitted to participate in the Presidential Debates. That’s why the Elephant and Jackass won’t let him play in their sandbox.

Attorney friends, could the RICO statutes be used against the CPD to force them to extend participation? It would be interesting to see a RICO-based class action civil suit filed on behalf of American voters as the injured class.